Integer Overflow (Bugs) in C

Integers is a fundamental data type in a C program, They are used to represent a finite subset of mathematical integers, C Provides us with a suite of functions, and quite a lot of modifiers for manipulating these integers , but if these functions and modifiers are not used properly and carefully they can lead top disastrous results like failing of a Program Logic , Security breach , A break in authentication applications etc.

Integer Overflow

Integer data types in C have a fixed size and limits and which cannot be changed dynamically, This drawback have resulted in a bug commonly known as ‘Integer Overflow bugs’. These bugs are one of the difficult bugs to track down and fix. It happens When an arithmetic operation attempts to create a numeric value that is larger than can be represented within available storage space.

Basically what happens is , As we add 1 to the maximum value than can be represented within a storage space , The integer overflows and resets to the minimum value it can hold .

To make it simple let’s take an example of a odometer (non-digital) an odometer is used to measure distances and it consists of different rings! When odometer reaches its maximum value i.e some 9999’s after that it rolls over to its lowest value i.e 0.

Boom! See what just happened we have carried a successful Integer overflow attack o our application.

How it happened

I am currently using a 32 bit GCC compiler , with MAXIMUM integer limit set to 2147483647 , So as we add one more to it resets back to its minimum value i.e -2147483648.

This was just an example of how these bugs can be demonstrated , and believe me if you pick up 10 normal C applications and test them for these bugs I guarantee you’ll find at least one of them which is vulnerable.

A Challenge

In the following challenge, You have to force the application to print the success message.

I understood both of the codes - the Bug.c and the next one. I also understood, why such outputs are shown. But i did not get the link between the problem (Integer Overflow Bug) and the Challenge. I mean is "Challenge" a solution to the Bug.....the two codes are quite different in purpose, you see Bug.c adds and stores a no. into an integer variable that causes an overflow.
I simply could not link the 2 parts of the tutorial. Please, explain.....

I understood both of the codes - the Bug.c and the next one. I also understood, why such outputs are shown. But i did not get the link between the problem (Integer Overflow Bug) and the Challenge. I mean is "Challenge" a solution to the Bug.....the two codes are quite different in purpose, you see Bug.c adds and stores a no. into an integer variable that causes an overflow.
I simply could not link the 2 parts of the tutorial. Please, explain.....

And did we specifically use "100"????

The challenge was related to the tutorial , because we needed to overflow the Unsigned int (data type) in C , If you have been Coding in C , You must know that unsigned int starts from 0 , and if -1 is provided it overflows to the highest value it can hold. I hope this makes it clear!